<?php
include 'func.php';
$m = explode(";",$_GET['m']);
$mode = $m[0];
if($mode == "submit")
{
    session_id($_GET['PHPSESSID']);
    session_start();
    $FeS = $_SESSION['FeS'];
    if(!$_POST) exit;
    $user = $api->query("user",array("name"=>$_POST["user"]));
    if(!$user) echo "That username doesn't exist.<br>";
    else
    {
        $pass = $user['pass'];
        if(md5deconf($_POST["opass"]) != md5($FeS.$pass)) echo "Incorrect password.";
        else
        {
            $uid = $user['id'];
            setcookie("ramble_id",$user['id'],time()+60*60*24*14);
            if(!$user['rank']) $rank = 0;
            else $rank = $user['rank'];
            setcookie("ramble_rank",$rank,time()+60*60*24*14);
            $date = time();
            $sql = 'UPDATE '. $config['mysql']['prefix'] .'users SET user_lastlogin='. $date .' WHERE user_id='. $uid;
            $api->q($sql);
            session_destroy();
?>
<script type="text/javascript">
$("#dialog").dialog("close");
$("#nav ul").lp("index.php?m=nav",pload);
$("#userbox").lp("index.php?m=ubox",function(){pload(); $("#userbox").animate({'opacity': 'toggle', 'height': 'toggle'});});
$("#content").lp(window.location.hash.slice(1));
</script>
<?php
            exit;
        }
    }
}
elseif($mode == "logout")
{
    if($m[1] == "submit")
    {
        setcookie("ramble_id",false,time()-1000);
        setcookie("ramble_rank",false,time()-1000);
        setcookie("ramble_logout",1,time()+60*60*24*14);
?>
<script type="text/javascript">
$("#dialog").dialog("close");
$("#nav ul").lp("index.php?m=nav",pload);
$("#userbox").empty().hide();
$("#content").lp(window.location.hash.slice(1));
</script>
<?php
        exit;
    }
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
        "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

<head>
    <title>Ramble Forums: <?=$i18n->get('login/logout/link')?></title>
</head>
<body>
<center>
    <?=$i18n->get('login/logout/sure')?>
</center>
</body>
</html>
<?php
    exit;
}
elseif($mode == "reg")
{
    if($m[1] == "submit")
    {
        $user = strip_tags($_POST["user"]);
        $pass = strip_tags($_POST["pass"]);
        if(!preg_match('/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/i',$_POST['email'])) # Validate email
        {
            echo "Please enter a valid email.";
        }
        else
        {
            if($api->get('user','id',array('name'=>$user))) echo "That username already exists.";
            else
            {
                $time = time();
                $params = array($user,$email);
                $sql = $api->q('INSERT INTO '.$config['mysql']['prefix'].'users (`user_name`,`user_pass`,`user_email`,`user_regdate`,`user_lastlogin`) VALUES (?,\''.md5($pass).'\',?,'.$time.','.$time.')',$params);
                $id = $api->get('user','id',array('name'=>$user));
                setcookie("ramble_id",$id,time()+60*60*24*14);
?>
<script type="text/javascript">
$("#dialog").dialog("close");
$("#userbox").lp("index.php?m=ubox",function(){pload(); $("#userbox").animate({'opacity': 'toggle', 'height': 'toggle'});});
$("#nav ul").lp("index.php?m=nav",pload);
</script>
<?php
                exit;
            }
        }
    }
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
        "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

<head>
    <title>Ramble Forums: Register</title>
</head>
<body>
<p>Please enter your registration information here. All fields are required.</p>
<form id="rform" class="lform" method="post" onsubmit="$('#rform').ajaxSubmit({ beforeSubmit: checkReg, target: '.ui-dialog-content' }); return false;" action="login.php?m=reg;submit">
    <table>
        <tfoot>
            <tr>
                <td colspan="4">
                <input type="submit" class="button" value="Register" />
                </td>
            </tr>
        </tfoot>
        <tbody>
            <tr>
                <th><label for="user">Username</label></th>
                <td><input type="text" name="user" id="user" /></td>
                <td colspan="2" />
            </tr>
            <tr>
                <th><label for="pass">Password</label></th>
                <td><input type="password" id="pass" name="pass" onkeyup="$('#pass').checkVal();"/></td>
                <th><label for="cpass">Confirm Password</label></th>
                <td><input type="password" id="cpass" name="cpass" onkeyup="$('#pass').checkVal();" /></td>
            </tr>
            <tr>
                <th><label for="email">Email</label></th>
                <td><input type="text" id="email" name="email" onkeyup="$('#email').checkVal();"/></td>
                <th><label for="cemail">Confirm Email</label></th>
                <td><input type="text" id="cemail" name="cemail" onkeyup="$('#email').checkVal();" /></td>
            </tr>
        </tbody>
    </table>
</form>
</body>
</html>
<?php
    exit;
}
if($_COOKIE['PHPSESSID']) session_id($_COOKIE['PHPSESSID']);
session_start();
$_SESSION['FeS'] = shaker();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
        "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

<head>
    <title>Ramble Forums: Login</title>
</head>
<body>
<div class="login">
<p><?=$i18n->get('login/login/info')?></p>
<form id="form" class="lform" method="post" onsubmit="$('#opass').val(md5conf(md5('<?=$_SESSION['FeS']?>'+md5($('#pass').val())))); $('#form').ajaxSubmit({ target: '.ui-dialog-content' }); return false;" action="login.php?m=submit&<?=SID?>">
    <div>
        <input type="hidden" name="opass" id="opass" />
    </div>
    <table>
        <tfoot>
            <tr>
                <th />
                <td>
                <input type="submit" class="button" value="<?=$i18n->get('login/login/submit')?>" />
                </td>
            </tr>
        </tfoot>
        <tbody>
            <tr>
                <th><label for="user"><?=$i18n->get('login/login/username')?></label></th>
                <td><input type="text" name="user" id="user" /></td>
            </tr>
            <tr>
                <th><label for="pass"><?=$i18n->get('login/login/password')?></label></th>
                <td><input type="password" id="pass" /></td>
            </tr>
        </tbody>
    </table>
</form>
</div>
<div class="reglink">
<p>Don't have an account?</p>
<p style="text-align: center;">
    <button onclick="$('.ui-dialog-content').lp('login.php?m=reg');"><?=$i18n->get('login/register/button')?></button>
</p>
</div>
</body>
</html>